From gdaly@u.washington.edu Sun May 13 03:41:38 2001 Received: from mxu4.u.washington.edu (mxu4.u.washington.edu [140.142.33.8]) by lists.u.washington.edu (8.11.2+UW01.01/8.11.2+UW01.04) with ESMTP id f4DAfb046650 for ; Sun, 13 May 2001 03:41:37 -0700 Received: from sttlpop4.sttl.uswest.net (sttlpop4.sttl.uswest.net [206.81.192.4]) by mxu4.u.washington.edu (8.11.2+UW01.01/8.11.2+UW01.04) with SMTP id f4DAfas09405 for ; Sun, 13 May 2001 03:41:36 -0700 Received: (qmail 66897 invoked by alias); 13 May 2001 03:33:18 -0000 Received: (qmail 66761 invoked by uid 0); 13 May 2001 03:33:14 -0000 Received: from sttldslgw12poolb243.sttl.uswest.net (HELO riva) (63.229.5.243) by sttlpop4.sttl.uswest.net with SMTP; 13 May 2001 03:33:14 -0000 Message-ID: <000001bf543f$b58c3200$04000a0a@riva> From: "Greg Daly" To: References: Subject: Re: Hiding the apache version Date: Sat, 12 May 2001 14:52:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Thanks David - I did know about the ServerSignature switch. I guess I will grep through the source and look for it. -greg ----- Original Message ----- From: "R. David Whitlock" To: "UW Linux Group" Sent: Friday, May 11, 2001 7:58 PM Subject: Re: Hiding the apache version > Do you want to not show the version information on the bottom of an error > page or directory listing? > i.e. > Apache/1.3.14 Server at localhost Port 80 > > Set ServerSignature to off in the httpd.conf. > > As for the entry in the source code to kill to get rid of what pops up in > a telnet session, could you grep through the source maybe? > > -David > > "What you hear isn't necessarily what was said, > what you read isn't necessarily what was written." > -Dostoevsky > > On Fri, 11 May 2001, Greg Daly wrote: > > > hey all, > > I was advised that it might be a good idea to hide the version of apache > > being served, just to make a crackers job more difficult. For example, > > telnetting to port 80 will give you something like this: > > > > Server: Apache/1.3.12 (Unix) (Red Hat/Linux) PHP/4.0.3pl1 mod_perl/1.21 > > > > I assume this is somewhere in the source, does anyone know where? > > Thanks in advance, > > -greg > > > > > > .